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DETAILED ACTION 

1 . This Office Action is responsive to the Amendment filed 5/1 5/2008. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 14-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Etoh (US 2002/01 61 920) in view of Ando et al. (US 2002/0078202), hereafter Ando. 

Regarding claims 14-15, Etoh discloses: 
A method comprising: 

deploying a first station in a first network; deploying a server in a 
second network connected to said first network through a secure access 
server; (Fig. 1,12, 26, 22, 1 1 may all be stations in the first network, 28 is 
a sever in a second network. 13 or 14 may be "secure access servers" 
between the first and second network.) 

transmitting from said first station a protocol data unit addressed to 
a second station in said first network, wherein said protocol data unit 
comprises an address of said server. ([0089-0091], additionally Fig. 7-8 
and their descriptions in [0092-0093]. A station in one network (transmitter 
26) routes a data packet through a suspected router (i.e. 22) in the same 
network, and upon receiving the packet at the server on the second 
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network (recipient 28) the server decides that the device is an 
unauthorized router.) 

Etoh discloses all the limitations of claims 14-16 except for the server alarming 
when the packet is received. 

The general concept of recording, alerting, or alarming when a possible network 
vulnerability is found is well known in the art. (I.e. The examiner is taking Official Notice 
of this fact.) This is evidenced by Ando in at least Fig. 12, which displays an alert when 
unauthorized intrusions are detected; Fig. 14 which displays multiple network 
attacks/vulnerabilities as well as the network addresses of these events, additionally 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to combine Etoh with the general concept of recording, alerting, or alarming 
when a possible network vulnerability is found as taught by Ando in order to allow a 
network administrator to be aware of network vulnerabilities found by Etoh. 
4. Claims 1 6-1 7 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Etoh and Ando as applied to claims 14-15 above, and further in view of Burrows et al. 
(US 2002/0073338), hereafter Burrows. 

Etoh and Ando teach all the limitations of claims 16-17 except discovering the 
port that the unauthorized router is attached to and disabling that port. 

The general concept of discovering the port that is the source of a network attack 
or vulnerability and disabling that port is well known in the art as taught by Burrows. 
([0050-0051] teach finding the source of an unwanted packet and disabling the port that 
is the source of the packet.) 
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It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Etoh and Ando with the general concept of discovering the port that 
is the source of a network attack or vulnerability and disabling that port as taught by 
Burrows in order to eliminate security vulnerabilities in the network. 

Response to Arguments 

5. Applicant's arguments filed 5/1 5/2008 have been fully considered but they are 
not persuasive. 

6. Applicant argues that Etoh does not teach or suggest "the protocol data unit 
comprises the address of the server". The Examiner disagrees, as in [0090] it is stated 
"in response to the reception of an inspection IP packet, generates an IP packet that 
includes a source IP address and a destination IP address that match the source IP 
address and destination IP address contained in the inspection packet, i.e., that are the 
IP addresses of the inspection target network connection apparatus and of the recipient 
router search apparatus." Thus, the packet contains the address of the server, which in 
this case is the "recipient router search apparatus". 

Conclusion 

7. Applicant has failed to seasonably challenge the Examiner's assertions of well 
known subject matter in the previous Office action(s) pursuant to the requirements set 
forth under MPEP §2144.03. A "seasonable challenge" is an explicit demand for 
evidence set forth by Applicant in the next response. Accordingly, the claim limitations 
the Examiner considered as "well known" in the first Office action are now established 
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as admitted prior art of record for the course of the prosecution. See In re Chevenard, 
139 F.2d 71, 60 USPQ 239 (CCPA 1943). 

8. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MICHAEL E. KEEFER whose telephone number is 
(571)270-1591 . The examiner can normally be reached on Monday through Friday 
9am-5pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nathan Flynn can be reached on (571) 272-1915. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

MEK 7/18/2008 

/Joseph E. Avellino/ 

Primary Examiner, Art Unit 2146 



